jpgraph2 -- XSS vulnerability

Details

VuXML ID: 77b7ffb7-e937-11e5-8bed-5404a68ad561
Discovery: 2009-12-22
Entry: 2016-03-13

Martin Barbella reports:

JpGraph is an object-oriented library for PHP that can be used to create
various types of graphs, which also contains support for client-side
image maps.

The GetURLArguments function for JpGraph's Graph class does not
properly sanitize the names of GET and POST variables, leading to a
cross-site scripting vulnerability.
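
The pattern the report describes, shown as an added PHP illustration (not part of the report and not JpGraph's source): a query-string builder that URL-encodes parameter values but copies parameter names verbatim, next to a hardened form. The function names, `graph.php`, the `<area>` context and the sample parameters are hypothetical.

```php
<?php
// Added illustration: simplified and hypothetical, not JpGraph's own code.

// Flawed pattern: values are URL-encoded, but parameter names are
// concatenated into the output exactly as the client sent them.
function build_args_unsafe(array $params): string
{
    $out = '';
    foreach ($params as $name => $value) {
        if (is_array($value)) {
            continue; // nested parameters left out to keep the example short
        }
        $out .= '&amp;' . $name . '=' . urlencode((string) $value);
    }
    return $out;
}

// Hardened pattern: names and values are both URL-encoded, then the
// finished query string is HTML-escaped for use inside an attribute.
function build_args_safe(array $params): string
{
    $pairs = [];
    foreach ($params as $name => $value) {
        if (is_array($value)) {
            continue;
        }
        // Cast the key: PHP turns numeric-string keys into integers.
        $pairs[] = urlencode((string) $name) . '=' . urlencode((string) $value);
    }
    return htmlspecialchars(implode('&', $pairs), ENT_QUOTES, 'UTF-8');
}

// Constructed sample request: the second parameter *name* carries markup.
$params = ['id' => '42', 'x"><b>probe</b>' => '1'];

// The unsafe form lets the name close the attribute and inject a tag.
echo '<area href="graph.php?' . build_args_unsafe($params) . '">', PHP_EOL;
// The safe form keeps the name as inert, percent-encoded data.
echo '<area href="graph.php?' . build_args_safe($params) . '">', PHP_EOL;

// Regression check: no quote or angle bracket may survive in the safe output.
if (strpbrk(build_args_safe($params), '<>"\'') !== false) {
    throw new RuntimeException('unescaped markup in generated URL arguments');
}
```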